E-mails are timed out when UTM is enabled

This article describes the issue of certain e-mails not going through the device and eventually being timed out, when UTM is enabled on SRX branch and J-series devices.

Certain e-mails are not going through the device and are eventually timed out, when UTM is enabled on SRX branch and J-series devices.

  • Currently, the UTM module on Branch SRX/J-series devices does not support TLS commands in the SMTP headers.
  • If the UTM module encounters TLS commands, such as STARTTLS, in the SMTP header, the session might hang and the e-mail is eventually timed out.
  • By default, certain e-mail clients, such as Gmail, have TLS options enabled; which causes such issues.

One workaround for this issue is to create a white list for all emails that originate from a particular domain (for example, gmail.com), which are timing out. However, it is possible that a lot of spam may originate from that domain; so, generally this is not a feasible option.

From Junos 11.4R6 and 12.1R5 onwards, support for TLS has been added to the UTM module.If certain emails are being timed out, it is recommended that an upgrade to one of these versions or later be performed.

About the author

Prasanna

Leave a Comment